by jamboca 1273 days ago
The GitHub mentions 8B canaries after allocated blocks. How realistic is it that canaries can be overwritten as they were allocated in an overflow attack to continue writing the payload?
2 comments

The point of canaries is not that you can't overwrite them, it's that you won't know what to overwrite them with (and are forced to overwrite them, thus detecting the overflow).

However, as someone who does this type of exploitation for fun and has a little bit of experience with heap attacks, I doubt the canaries are particularly effective at stopping exploits, and the README basically admits this as well.
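Added example, not part of the comment above and not code from the allocator under discussion: a toy wrapper around malloc that places an 8-byte canary after each block and checks it on free, showing the detection the comment describes. The names (guarded_alloc, guarded_free, demo) and the choice of canary (a per-process secret XORed with the chunk address) are assumptions made for this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CANARY_SIZE 8                      /* the 8B canary from the question */
typedef struct { size_t size; uint64_t pad; } hdr_t;  /* 16 bytes keeps user data aligned */
static uint64_t g_secret;                  /* per-process secret (assumed design) */
static int g_ready;

static void canary_init(void) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f || fread(&g_secret, sizeof g_secret, 1, f) != 1) abort();
    fclose(f);
    g_ready = 1;
}

/* Expected canary for a chunk: the secret mixed with the chunk address. */
static uint64_t canary_for(const void *p) { return g_secret ^ (uint64_t)(uintptr_t)p; }

void *guarded_alloc(size_t n) {
    if (!g_ready) canary_init();
    hdr_t *h = malloc(sizeof *h + n + CANARY_SIZE);
    if (!h) return NULL;
    h->size = n;
    uint64_t c = canary_for(h + 1);
    memcpy((unsigned char *)(h + 1) + n, &c, CANARY_SIZE);  /* canary sits right after the block */
    return h + 1;
}

/* Returns 0 if the canary is intact, -1 if it was overwritten.
   A real allocator would abort here instead of returning. */
int guarded_free(void *p) {
    hdr_t *h = (hdr_t *)p - 1;
    uint64_t seen, want = canary_for(p);
    memcpy(&seen, (unsigned char *)p + h->size, CANARY_SIZE);
    free(h);
    return seen == want ? 0 : -1;
}

/* Fill a 16-byte block with write_len bytes; anything past 16 runs into the canary. */
int demo(size_t write_len) {
    unsigned char *buf = guarded_alloc(16);
    if (!buf) abort();
    if (write_len > 16 + CANARY_SIZE) write_len = 16 + CANARY_SIZE;  /* stay inside the toy chunk */
    memset(buf, 'A', write_len);
    return guarded_free(buf);
}

int main(void) {
    printf("in-bounds write: %d\n", demo(16));
    printf("overflowing write: %d\n", demo(24));
    return 0;
}
```

The check only fires when the block is freed, so the overflow is detected after the fact rather than prevented.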

very